<div dir="ltr">Well damn, I didn't necessarily expect a reply overnight, let alone 3. Neat!<br><br>Tony, thanks for the info on libcrypto vs libssl, we'll keep that in mind! At some point we're going to want SSL support in our project for other things though, and it looks like we might go with NSS, so if we do and do end up modifying ldns to use it (optionally) we'll definitely PR it.<div>
<br></div><div>Until then, take care all and thanks again!</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Aug 27, 2014 at 7:04 AM, Tony Finch <span dir="ltr"><<a href="mailto:dot@dotat.at" target="_blank">dot@dotat.at</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="">Thomas Winget <<a href="mailto:tewinget@gmail.com">tewinget@gmail.com</a>> wrote:<br>
><br>
> I'm considering using ldns (or OpenDNSSEC) in a C++ project, but due to<br>
> recent events with OpenSSL there's a certain apprehension in the project<br>
> toward using something that depends on it. Are there any plans to move<br>
> toward something like Mozilla's NSS, or perhaps offer it as an option?<br>
<br>
</div>Note that most of the recent problems in OpenSSL have been in its TLS and<br>
DTLS protocol handling. Its underlying crypto primitives are much less<br>
problematic. DNSSEC software generally doesn't use TLS or DTLS (it links<br>
with libcrypto but not libssl) so depending on OpenSSL is not too<br>
worrying.<br>
<br>
But don't let that discourage you from adding support for other crypto<br>
libraries if you want to :-)<br>
<span class="HOEnZb"><font color="#888888"><br>
Tony.<br>
--<br>
f.anthony.n.finch <<a href="mailto:dot@dotat.at">dot@dotat.at</a>> <a href="http://dotat.at/" target="_blank">http://dotat.at/</a><br>
Trafalgar: Cyclonic in northwest, otherwise mainly northerly or northwesterly<br>
5 or 6. Slight or moderate. Showers in northwest. Good.<br>
</font></span></blockquote></div><br><br clear="all"><div><br></div>-- <br>Thomas Winget<div>Computer Engineering<br>Purdue University '12</div>
</div>